Don't become a victim.

Be very careful...

Over the last few months, I have received three very suspicious telemarketing telephone calls. In each case, the caller was –

Speaking heavily (East Asian?) accented English

Claiming to represent Microsoft or a Microsoft Partner Company

Claiming special knowledge that my computer was “infected”

Alleging that regular mass-market anti-virus software could not detect the alleged “infection”.

Claiming that only the caller’s company could help me “clean” my computer of the alleged infection.

In each call, my reaction was to try to break out of the caller’s script and ask lots of questions. This had mixed results.

In the first call, the caller stuck to his script and acted like he heard nothing I said. I hung up on that guy very quickly.

In the second call, the caller hung up on me when I tried to ask the legal name and mailing address of his company.

In the last case, I was able to get a bit of a longer conversation going.

What were these callers trying to do?

Gain remote access to my computer so he could “fix” the “infection”. (A more likely result of granting remote access to this person would be that he installs criminal malware on my computer or damage it in other ways.)

Get my credit card number so he could collect $99.00 as a service charge for his work. (Or even just run up additional fraudulent charges to beyond my credit card’s limit…)

Obviously, neither of those things are what you should ever actually do unless YOU initiate the support request call to your system vendor!

Questions with no answers

I asked a lot of questions that the caller refused to answer –

What is the legal name and mailing address of his employing company? (“I can’t tell you that for security reasons”).

What is the precise technical nature of the infection on my computer (Only he could fix the problem, because no antivirus software can detect it.).

That’s an imprecise answer. Answer the question. (Acted like he did not hear what I said.)

How – exactly – he knew MY computer was infected (The last guy said “Microsoft’s Windows Update server sent us an alert about your computer”).

Oh really? How do you know it’s my computer? (“The MAC address”)

Interesting. What specific MAC address are we talking about here? (“I can’t tell you that for security reasons”)

Huh. We’re talking about my computer, and it’s MAC address. What possible security concerns about that could YOU possibly have that I do not? (Silence…back to the script…)

If you really know so much about my computer, what operating system version does it run? Windows XP, Vista, 7, 8 or what? (Acted like he did not even hear the question.)

At this point, I informed the caller that –

I am an IT professional

I am now completely convinced that he is trying to scam me, and

If I was stupid enough to give him remote access to my computer, I think he would probably like to install malware on it.

None of that is going to happen. Who exactly are you again (legal name and mailing address please)?